<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/cloudiary.dwt" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Cloudiary</title>
<!-- InstanceEndEditable -->
<!-- InstanceBeginEditable name="head" -->
<script type="text/javascript" src="Js/jquery.js"></script>
<script type="text/javascript" src="Js/slider.js"></script>
<!-- InstanceEndEditable -->
<link href="CSS/css.css" rel="stylesheet" type="text/css" />
</head>
<?php
  include('userlock.php');
?>
<body>
<div id="container">
<div id="wrapper">

<div id="header">
<!-- InstanceBeginEditable name="header" -->
<div class="welcome">
<?php include('welcomeuser.php');?>
</div>
<!-- InstanceEndEditable -->

<img src="Assets/cloud diary low-01(trans).png" alt="CloudDiary" width="75" height="45" style="padding:5px 10px;" /> <br />
</div>
    
<div id="main">
<!-- InstanceBeginEditable name="main" -->
<ul class="dropdown">
<li><a href="Home.php" class="linkStraight">Home &nbsp; &nbsp;</a></li>
<li><a href="#" class="linkDown" id="classification">Classifications &nbsp; &nbsp;</a>
	<ul class="sub_menu" id="menu1">
    <li> <a href="PublicClassification.php"> Public &nbsp; </a> </li>
    <li> <a href="FriendClassification.php"> Friend &nbsp; </a> </li>
    </ul>
</li>
<li><a href="#" class="linkDown" id="friends">Friends &nbsp; &nbsp;</a>
	<ul class="sub_menu" id="menu2">
    <li> <a href="Friends.php"> Search Friends &nbsp; </a> </li>
    <li> <a href="CurrentFriends.php"> Current Friends &nbsp; </a> </li>
    <li> <a href="Send.php"> Sending Request &nbsp; </a> </li>
    <li> <a href="Receive.php"> Pending Request &nbsp; </a> </li>
    </ul>
</li>
<li><a href="#" class="linkDown" id="posts">Posts &nbsp; &nbsp;</a>
	<ul class="sub_menu" id="menu3">
    <li> <a href="NewPost.php"> New Post &nbsp; </a> </li>
    <li> <a href="ViewPosts.php">  View All Posts &nbsp; </a> </li>
    </ul>
</li>
<li><a href="Privacy.php" class="linkStraight">Privacy Settings &nbsp; &nbsp;</a></li>
</ul>

<div id="content">
 <p> SEARCH FRIENDS </p>
<form method="post">
 <input type="text" name="query_text" placeholder="Search Friends" /> &nbsp;
 <input type="image" src="Assets/buttonSubmit.png" value="Submit" />
</form>
<br /> <br />

<?php
   $single_page=5;
  
   if($_SERVER["REQUEST_METHOD"] == "POST")
  { //new search
    $_SESSION['query_text'] = $_POST['query_text'];
    $var = $_SESSION['query_text'];
    $trimmed=trim($var); 

    if($trimmed=="")
    { echo"<p><strong>Please enter a search</strong></p>";
      $test = "SELECT DISTINCT u.user_name, u.user_email, u.user_gender, u.user_status, u.user_dob, u.user_country FROM user u WHERE ((u.user_email) NOT IN (SELECT friend_email FROM friend where user_email = '$login_session')) AND (u.user_account_restriction = 'public') AND (u.user_email != '$login_session') AND ((u.user_email) NOT IN (SELECT friend_email FROM send_request where user_email = '$login_session')) AND ((u.user_email) NOT IN (SELECT friend_email FROM receive_request where user_email = '$login_session'))";
      $q1=mysql_query($test);
    }
    else if($trimmed!="")
    {
      $q=mysql_real_escape_string($trimmed);   
      $test= "SELECT DISTINCT u.user_name, u.user_email, u.user_gender, u.user_status, u.user_dob, u.user_country FROM user u WHERE ((u.user_email) NOT IN (SELECT f.friend_email FROM friend f where user_email = '$login_session')) AND (user_name like '%".$q."%') AND (u.user_account_restriction = 'public') AND (u.user_email != '$login_session') AND ((u.user_email) NOT IN (SELECT friend_email FROM send_request where user_email = '$login_session')) AND ((u.user_email) NOT IN (SELECT friend_email FROM receive_request where user_email = '$login_session'))";
      $q1=mysql_query($test);
    }

    if(!isset($var))
    { echo"No search parameter found";
      exit;
    }
  }
  else if (!isset($_SESSION['query_text'])) 
  {
	 //first time enter
     $test = "SELECT DISTINCT u.user_name, u.user_email, u.user_gender, u.user_status, u.user_dob, u.user_country FROM user u WHERE ((u.user_email) NOT IN (SELECT friend_email FROM friend where user_email = '$login_session')) AND (u.user_account_restriction = 'public') AND (u.user_email != '$login_session') AND ((u.user_email) NOT IN (SELECT friend_email FROM send_request where user_email = '$login_session')) AND ((u.user_email) NOT IN (SELECT friend_email FROM receive_request where user_email = '$login_session'))";
     $q1=mysql_query($test);
  }
  else if(isset($_SESSION['query_text']))
  {
	//page
    $var = $_SESSION['query_text'];
    $trimmed=trim($var); 

    if($trimmed=="")
    { echo"<p><strong>Please enter a search</strong></p>";
      $test = "SELECT DISTINCT u.user_name, u.user_email, u.user_gender, u.user_status, u.user_dob, u.user_country FROM user u WHERE ((u.user_email) NOT IN (SELECT friend_email FROM friend where user_email = '$login_session')) AND (u.user_account_restriction = 'public') AND (u.user_email != '$login_session') AND ((u.user_email) NOT IN (SELECT friend_email FROM send_request where user_email = '$login_session')) AND ((u.user_email) NOT IN (SELECT friend_email FROM receive_request where user_email = '$login_session'))";
    }

    if(!isset($var))
    { echo"No search parameter found";
      exit;
    }

    if($trimmed!="")
    {
    $q=mysql_real_escape_string($trimmed);
    $test = "SELECT DISTINCT u.user_name, u.user_email, u.user_gender, u.user_status, u.user_dob, u.user_country FROM user u WHERE ((u.user_email) NOT IN (SELECT f.friend_email FROM friend f where user_email = '$login_session')) AND (user_name like '%".$q."%') AND (u.user_account_restriction = 'public') AND (u.user_email != '$login_session') AND ((u.user_email) NOT IN (SELECT friend_email FROM send_request where user_email = '$login_session')) AND ((u.user_email) NOT IN (SELECT friend_email FROM receive_request where user_email = '$login_session'))";
    }
    $q1=mysql_query($test);
  }

  $count=mysql_num_rows($q1);
  $total_pages=ceil($count/$single_page);
  
  if(isset($_GET['page']) && is_numeric($_GET['page']))
  {
    $obtain_page=$_GET['page'];
    if($obtain_page>0 && $obtain_page<=$total_pages)
    {
      $starting_page=($obtain_page-1)*$single_page;
      $ending_page=$starting_page+$single_page;
    }
    else
    {
      $starting_page=0;
      $ending_page=$starting_page+$single_page;
    }
  }
  else
  {
    $starting_page=0;
    $ending_page=$starting_page+$single_page;
  }
  
  $test2 = $test." ORDER BY user_name ASC LIMIT $starting_page,$single_page ";
  $q2 = mysql_query($test2);
  echo"<br />";
  ?>
  
<div id="page">
<?php   
echo"<p><strong>Page: &nbsp;</strong>";
  for($a=1;$a<=$total_pages;$a++)
  {
    
    echo"<a href='Friends.php?page=$a'>$a</a>"." | ";
    echo"</br>";
  }
?>
</div>
<?php
echo"</p>";
?>

<?php
  if (!empty($_GET['add'])) 
  {  
    echo"<br/>"; 
    echo"Friend request has been successfully sent!";
  }
  echo"<br />";
  
  if($count==0)
  {
    echo "<br/>";
    echo "No existing friends";
  }
  
  for($a=$starting_page;$a<$ending_page;$a++)
  {
    if($a==$count)
    {
      break;
    }
    
    while($data_fetch=mysql_fetch_array($q2))
    {     
?>
    <table border="0" width="100%" style=" margin-bottom:8px">
	<tr>
		<td width="10" rowspan="3">&nbsp;  </td>
		<td colspan="3">&nbsp;  </td> 
		<td width="10" rowspan="3">&nbsp;  </td>
	</tr>
	<tr>
		<td width="215px" align="center"> <img src="display_photo.php?id=<?php echo $data_fetch['user_email'];?> " width="180px" height="200px" alt="userPicture" style="border:solid 1px #69F; padding:2px;" /> </td>
		<td height="100px" align="right">
		
		<table border="0" width="100%">		
		<tr> <td height="10px" style="padding-left:10px" id="particular"> <label> <span> Name </span> : &nbsp; <?php echo $data_fetch['user_name']; ?></a> </label> </td> </tr>
		<tr> <td height="10px" style="padding-left:10px" id="particular"> <label> <span> Gender </span> : &nbsp; <?php echo $data_fetch['user_gender']; ?> </label> </td> </tr>
		<tr> <td height="10px" style="padding-left:10px" id="particular"> <label> <span> Date of Birth </span> : &nbsp; <?php echo $data_fetch['user_dob']; ?> </label> </td> </tr>
		<tr> <td height="10px" style="padding-left:10px" id="particular"> <label> <span> Country </span> : &nbsp; <?php echo $data_fetch['user_country']; ?> </label> </td> </tr>
		</table> </td>
		
		<td width="200px" align="center"> 
		  <form action="FriendSQL.php" method="post">
		  <input type="hidden" name="query1" value="<?php echo "INSERT INTO send_request(user_email,friend_email) VALUES('$login_session','".$data_fetch['user_email']."')"; ?>" /> 
		  <input type="hidden" name="query2" value="<?php echo "INSERT INTO receive_request(user_email,friend_email) VALUES('".$data_fetch['user_email']."','$login_session')"; ?>" />
		  <input type="hidden" name="location" value="<?php echo "Friends.php?add=1"; ?>"/>
		  <input type="image" src="Assets/buttonAddFriend.png" value="Add Friend" /> 
		  </form>
    </td>
	</tr>
	<tr>
		<td colspan="3"  style="border-bottom:solid 1px #69F;">&nbsp;  </td>
	</tr>
	</table>
	
<?php   
      
      echo"<br />";
    }
  }
     echo "<br/>";
     echo "<br/>";
     echo "<strong>".$count."</strong>"."\n"."<strong>Matching Result(s) Found<strong>"; 
?>

</div>
<!-- InstanceEndEditable -->
</div>

</div>
</div>

<div id="footer">
	<p align="center"> &copy; &nbsp; 2012 CloudDiary </p>
</div> 
  
</body>
<!-- InstanceEnd --></html>
